snoopdb-1.3.0

database for querying the test coverage of a kubernetes cluster

snoopdb-1.2.9

database for querying the test coverage of a kubernetes cluster

snoopdb-1.2.6

database for querying the test coverage of a kubernetes cluster

auditlogger-1.2.9

A processor for Kubernetes Audit logs, which inserts each into SnoopDB

auditlogger-1.2.6

A processor for Kubernetes Audit logs, which inserts each into SnoopDB

Prow Automation Test Release

This release should create images for use with APISnoop for test writers and for deploying the APISnoop site.

Audit with User Agent Stacktrace

This raw log includes an extremely verbose user-agent field populated with the callstack at the time of the call.
The parsed log moves this raw field into this structure:

  "apisnoop": {
    "kapic": "kube-apiserver/v1.12.0 (linux/amd64) kubernetes/b143093",
    "function": [
      "k8s.io/client-go/rest.(*Request).Do()",
      "k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1.(*initializerConfigurations).List()",
      "k8s.io/apiserver/pkg/admission/configuration.NewInitializerConfigurationManager.func1()",
      "k8s.io/apiserver/pkg/admission/configuration.(*poller).sync()",
      "k8s.io/apiserver/pkg/admission/configuration.sync)-fm()",
      "k8s.io/apimachinery/pkg/util/wait.JitterUntil.func1()",
      "k8s.io/apimachinery/pkg/util/wait.JitterUntil()",
      "k8s.io/apimachinery/pkg/util/wait.Until()",
      "runtime.goexit()"
    ],
    "fileline": [
      "k8s.io/client-go/rest/request.go:807",
      "k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/initializerconfiguration.go:79",
      "k8s.io/apiserver/pkg/admission/configuration/initializer_manager.go:42",
      "k8s.io/apiserver/pkg/admission/configuration/configuration_manager.go:155",
      "k8s.io/apiserver/pkg/admission/configuration/configuration_manager.go:151",
      "k8s.io/apimachinery/pkg/util/wait/wait.go:133",
      "k8s.io/apimachinery/pkg/util/wait/wait.go:134",
      "k8s.io/apimachinery/pkg/util/wait/wait.go:88",
      "runtime/asm_amd64.s:2361"
    ],
  }

This was accomplished by the recent user-agent audit logging patch and a client-go hack so the approach could be applied to any go binary, including all of kubernetes itself, without modification (just recompilation).

Documentation for using this data is available here:

https://github.com/cncf/apisnoop/tree/master/dev/user-agent-stacktrace#method

Initial APISnoop Audit Logs

These logs were generated using ./audit-charts.sh.

Usage:

export CHART=mystablechart
./audit-chart.sh stable/$CHART
# hit crtl-c when chart is fully deployed and e2e tested
helm delete $CHART --purge ; kubectl delete ns $CHART
ls -la $CHART.log